Tencent Security Xuanwu Lab Daily News
• GHSL-2024-001_GHSL-2024-003: Remote DoS and potential authentication bypasses in RubyGems.org – CVE-2024-35221:
https://securitylab.github.com/advisories/GHSL-2024-001_GHSL-2024-003_rubygems_org/
・ Remote DoS vulnerability and potential authentication bypass vulnerabilities in RubyGems.org.
– SecTodayBot
• NativeDump – Dump Lsass Using Only Native APIs By Hand-Crafting Minidump Files (Without MinidumpWriteDump!):
https://dlvr.it/T8MPxq
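・ Introduces a tool named NativeDump that uses native APIs to dump the lsass process. It contains no new vulnerability information; instead it discusses the functionality and usage of dumping the lsass process with native APIs.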
– SecTodayBot
• poutine: Find Supply Chain Vulnerabilities Fast:
https://meterpreter.org/poutine-find-supply-chain-vulnerabilities-fast/
・ poutine is a security scanning tool for detecting misconfigurations and vulnerabilities in repository build pipelines.
– SecTodayBot
• GitHub – sigstore/model-transparency: Supply chain security for ML:
https://github.com/sigstore/model-transparency
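・ Supply chain security for ML. Focuses on the security of machine learning pipelines, providing utilities and examples related to ensuring the integrity and provenance of machine learning models.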
– SecTodayBot
• Working as Intended: The Unauditable, Unmanageable Keys in Google Cloud by Kat Traxler:
https://www.vectra.ai/blog/working-as-intended-the-unauditable-unmanageable-keys-in-google-cloud
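・ Google Cloud HMAC keys have three vulnerabilities: insufficient logging, long-lived credentials that are hard to manage, and long-lived credentials that cannot be audited.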
– SecTodayBot
• stack frames size in DWARF:
https://redplait.blogspot.com/2024/06/stack-frames-size-in-dwarf.html
・ A discussion of stack size in the kernel and of extracting stack frame sizes from DWARF debug information.
– SecTodayBot
• PHP < 8.3.8 – Remote Code Execution (Unauthenticated) (Windows):
https://dlvr.it/T8GZvX
・ Reveals a remote code execution vulnerability in PHP (CVE-2024-4577) and provides an exploit script for it.
– SecTodayBot
• Malcolm: Powerful, easily deployable network traffic analysis tool suite:
https://meterpreter.org/malcolm-powerful-easily-deployable-network-traffic-analysis-tool-suite/
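・ Malcolm is a powerful network traffic analysis tool suite designed to be easy to deploy. It supports full packet capture (PCAP) files and Zeek (formerly Bro) logs, and offers strong traffic analysis and secure communication features.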
– SecTodayBot
• CVE-2024-20693: Windows cached code signature manipulation:
https://sector7.computest.nl/post/2024-06-cve-2024-20693-windows-cached-code-signature-manipulation/
・ Introduces CVE-2024-20693, a new vulnerability in Windows that allows manipulation of the cached signature signing level of an executable or DLL.
– SecTodayBot
• CVE-2024-26229 Beacon Object Files:
https://github.com/NVISOsecurity/CVE-2024-26229-BOF
・ A Beacon Object File (BOF) exploit implementation for Cobalt Strike and BruteRatel.
– SecTodayBot
• Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces – Horizon3.ai:
https://www.horizon3.ai/attack-research/disclosures/exploiting-file-read-vulnerabilities-in-gradio-to-steal-secrets-from-hugging-face-spaces/
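・ Discloses potential vulnerabilities in the platform of the AI company Hugging Face, with a detailed analysis of the Gradio framework vulnerabilities CVE-2023-51449 and CVE-2024-1561.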
– SecTodayBot
* To view or search past daily pushes, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (6-17)